[sclug] Restricted Bash Shell
ed
ed at s5h.net
Thu May 18 17:21:15 UTC 2006
On Thu, 18 May 2006 14:45:34 +0100
"Sapan Ganguly" <sapan.ganguly at gmail.com> wrote:
> I have a problem with the restricted bash shell. I have some users
> that log in with SSH, I've given them a restricted bash shell (bash
> --restricted) because I want them to stay in their home directories
> but the trouble is they cannot cd into directories (even if they've
> created them) under their home directories. They can do a mkdir in
> their home directories but then they cannot cd in.
>
> Does anyone know of a better restricted shell that is smart enough to
> let users cd down into their own directories but not out of their home
> directory.
>
> I didn't want to do the whole chroot thing as it looked like a bit of
> a hassle.
I think the only way to do this securely is with fakeroot. If you don't
then there's not much to stop users working outside the shell's
provision.
Beware scponlyc! I was running a box that got rooted this one time, I
know there is a possible race condition when logging in, but at the same
time I noticed proftpd behaving odly (logging random garbage), so one of
the programs has flaws (I have serious doubts about both).
--
Regards, Ed :: http://www.usenix.org.uk
just another linux person
:%s/Open Source/Free Software/g :: Free DNS available
More information about the Sclug
mailing list